Analysis: ipoque, DPI, and bandwidth management

Bandwidth-exceededIn 2008, ipoque released a report titled “Bandwidth Management Solutions for Network Operators“. Using Deep Packet Inspection appliances, it is possible to establish a priority management system that privileges certain applications’ traffic over others; VoIP traffic can be dropped last, whereas P2P packets are given the lowest priority on the network. Two  modes of management are proposed by ipoque:

  1. Advanced Priority Management: where multi-tiered priorities maintain Quality of Experience (rather than Service) by identifying some packet-types as more important than others (e.g. VoIP is more important than BitTorrent packets). Under this system, less important packets are only dropped as needed, rather than being dropped once a bandwidth cap is met.
  2. Tiered Service Model: This uses a volume-service system, where users can purchase so much bandwidth for particular services. This is the ‘cell-phone’ model, where you sign up for packages that give you certain things and if you exceed your package limitations extra charges may apply*. Under this model you might pay for a file-sharing option, as well as a VoIP and/or streaming HTTP bundle.

The danger with filtering by application (from ipoque’s position) is that while local laws can be enforced, it  opens the ISP to dissatisfaction if legitimate websites are blocked. Thus, while an ISP might block Mininova, they can’t block Fedora repositories as well – the first might conform to local laws, whereas blocking the second would infringe on consumers’ freedoms. In light of this challenge, ipoque suggests that could ISPs adopt Saudi Arabia-like white-lists, where consumers can send a message to their ISP when they find sites being illegitimately blocked. Once the ISP checks out the site, they can either remove the site from the black-list, or inform the customer of why the site must remain listed.

Continue reading

Analysis: ipoque, DPI, and copyright

Copyright SymbolI worry that increasingly far-reaching and burdensome copyright laws, when combined with the analysis techniques of Deep Packet Inspection (DPI), will lead to pervasive chilling of speech. I see this as having real issues for both the creation and development of contemporary culture, which depends on mixing the past into new creations (with ‘the past’ increasingly copy-written), and for the opportunities to use rich media environments such as the Internet to create and distribute political statements. Copyright isn’t just an issue for musicians and artists; it’s an issue for anyone who is or who wants to engage in digital self-expression in media-creative ways.

Given that my earlier post about this relationship between DPI and freedom of expression may have seemed overly paranoid, I thought that I should substantiate it a bit by turning to a DPI vendor’s white paper on copyright. In one of their most recent white papers, ipoque talks about “Copyright Protection in the Internet“. One of the great things about this white paper is how the author(s) have divided their analysis; they identify different methods of limiting or stopping infringement theoretically (i.e. can a technology do this?) and then provide a ‘reality check’ (i.e. can this practically be implemented without gross rights violations or technical nightmares), and end each analysis with a conclusion that sums up ipoque’s official position on the method in question. I want to focus on detecting infringing files, rather than on preventing such transfers of those file, on the basis that it is the former that really depends on DPI to be effective.

Continue reading

Office of the Privacy Commissioner of Canada Reveals their Deep Packet Inspection Website

200903300037.jpgThe Office of the Privacy Commissioner of Canada (OPC) has been incredibly interested in Deep Packet Inspection (DPI) technologies, and prominently demonstrated their concerns with the technology in the comment they filed to the CRTC about Internet Service Providers’ traffic management practices. As of today the OPC’s DPI website has gone online – it’s got a great set of mini-essays on various elements of the technology, and lets visitors leave comments and engage with each piece. They’ve done a stellar job – if you’re interesting in DPI and its privacy implications, I highly recommend visiting/bookmarking it.

As a note: if you want to get a grasp on what the Deep Packet Inspection is, and how it works, before jumping into its privacy implications I’ve developed an accessible working paper entitled “Deep Packet Inspection in Perspective: Tracing its lineage and surveillance potentials” for the New Transparency Project.

Analysis: ipoque, DPI, and encryption

Package-reportipoque is one of the world’s leading Deep Packet Inspection (DPI) appliance manufacturers. For the past several years they have been producing detailed reports on the constitution of Internet bandwidth usage; their 2006 report was predominantly based on German data (100,000 German households’ data was incorporated into the study, versus 10,000 European households outside of Germany), whereas their 2008/2009 report takes data from Northern Africa, South Africa, South America, the Middle East, Eastern Europe, Southern Europe, Southwestern Europe, and Germany. In short: the study’s range of participants and associated data points have increased substantially.

While the most recent report isn’t ‘comprehensive’ in the sense that it offers a perfect picture of the Internet’s global bandwidth and protocol usage during the data accumulation period, there are interesting things that we can learn from it. Perhaps most interesting, is that ipoque learned that P2P protocol usage grew far less than during the 2007 data collection period. The 2008/2009 report routinely identifies Direct Download Sites and services such as Usenet as reasons for the decline of P2P usage, as well as increasingly rich multi-media HTTP traffic. (While it is well beyond the scope of the ipoque study, it would be delightful to see if there is a corresponding relationship between content owners providing their media through web accessible portals and decreases in the growth of copyright infringement online.)

Continue reading

Update: EDLs in New Brunswick

200904021515.jpgA few days ago I posted that Nova Scotia and New Brunswick both might be moving away from EDLs because of their costs and/or privacy issues. While the article discussed the issue was problematic (because of persistent factual errors), it appears as though the author was on target concerning New Brunswick’s concerns with the technology: EDLs will not be coming to my birthplace .

This means that both New Brunswick and Saskatchewan will not be going forward with EDLs, though Alberta. Quebec, Manitoba, Ontario, and B.C. are all going ahead with EDLs. I’ll be curious to see if the rest of the Atlantic provinces follow New Brunswick’s lead, and how this might shape the national discourse on EDLs.